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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^ Responsive to communication(s) filed on 13 February 2004 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 16-39 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 16-39 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) \3 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)Q accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Election/Restrictions 
1 . Restriction to one of the following inventions is required under 35 U.S. C. 121 : 

I. Claims 3, 5-9, and 13-15 are drawn to secure transaction utilizing a third party 
(the security server), classified in class 705 subclass 78. 

II. Claims 4 and 10-12, drawn to secure transactions utilizing transaction 
verification, classified in class 705 subclass 75. 

III. Claims 16-39, drawn to secure transactions utilizing PIN verification, classified in 
class 705 subclass 72. 

IV. Claims 40-49, drawn to authenticating users 705 subclass 67. 

Inventions 1,11, III and IV are related as combination and subcombination. Inventions in 
this relationship are distinct if it can be shown that (1) the combination as claimed does not 
require the particulars of the subcombination as claimed for patentability, and (2) that the 
subcombination has utility by itself or in other combinations (MPEP § 806.05(c)). In the instant 
case, the combination as claimed does not require the particulars of the subcombination as 
claimed because a third party is not necessary for user authentication. The subcombination has 
separate utility such as utilizing a third party. 

Because these inventions are distinct for the reasons given above and have acquired a 
separate status in the art as shown by their different classification, restriction for examination 
purposes as indicated is proper. 

Examiner notes that is would be a serious burden to search all seven inventions given 
their separate status in the art as noted above. 

The requirement is deemed proper and therefore made FINAL. 

Via paper 14 file on February 13,2004 the Applicant has elected the examination of 
invention III, directed towards claims 16-39. Affirmation of this election must be made by 
applicant in replying to this Office action. Claims 3-15 and 40-49 are withdrawn from further 
consideration by the examiner, 37 CFR 1.142(b), as being drawn to a non-elected invention. 

Claims 16-39 have been examined. 



Claim Rejections - 35 USC § 103 
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The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



Claims 16-39 are rejected under 35 U.S.C. 103(a) as being unpatentable over Padgett et 
al (US Patent 6,167,518) in view of Ross (US Patent 6,195,447). 

As per claim 16, 

Padgett et al ('5 1 8) discloses a method for verifying a user and a user computer 
comprising: 

in response to the request for verification, sending at least one request to the user 
computer; (Figure 1) 

comparing the first identification for the user against a second identification for the user 
to verify the user, the second identification for the user accessible by the verification 
computer;(Column 2, lines 61-67; column 3 lines 1-6) 

Padgett et al ('518) does not explicitly disclose the features of receiving a request for 
verification from a computer; receiving at least one response from the user computer, the at least 
one response including a first fingerprint file and a first identification for the user; comparing the 
first fingerprint file against a second fingerprint file to verify the user computer, the second 
fingerprint file accessible by the verification computer; sending at least one verification 
response, based upon the comparing of the first fingerprint file against the second fingerprint file 
and upon the comparing of the first identification for the user against the second identification 
for the user. Ross ( 4 447) discloses receiving a request for verification from a computer; receiving 
at least one response from the user computer,(Figure 3) the at least one response including a first 
fingerprint file and a first identification for the user;(Column 3, lines 56-59) comparing the first 
fingerprint file against a second fingerprint file to verify the user computer, the second 
fingerprint file accessible by the verification computer;(Column 4, lines 1-7); sending at least 
one verification response, based upon the comparing of the first fingerprint file against the 
second fingerprint file and upon the comparing of the first identification for the user against the 
second identification for the user.(Column 4, lines 25-27) It would have been obvious to one 
having ordinary skill in the art at the time the invention was made to combine the Padgett et al 
('5 18) method with the Ross ( 4 447) method in order to increase security in systems that utilize 
fingerprint comparisons without requiring additional hardware costs. 

As per claim 17, 

Padgett et al ('51 8) discloses the method according to claim 16 
Padgett et al ('518) does not explicitly disclose the verification computer is a 
clearinghouse computer. Ross ('447) discloses the verification computer is a clearinghouse 
computer.(Figure 3) It would have been obvious to one having ordinary skill in the art at the 
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time the invention was made to combine the Padgett et al ('51 8) method with the Ross ('447) 
method in order to increase security in systems that utilize fingerprint comparisons without 
requiring additional hardware costs. 

As per claim 1 8, 

Padgett et al ('518) discloses the method according to claim 16 
Padgett et al ('51 8) does not explicitly disclose the verification computer is a vendor 
computer. Ross ('447) discloses the verification computer is a vendor computer.(Figure 3) It 
would have been obvious to one having ordinary skill in the art at the time the invention was 
made to combine the Padgett et al ('51 8) method with the Ross ('447) method in order to 
increase security in systems that utilize fingerprint comparisons without requiring additional 
hardware costs. 

As per claim 19, 

Padgett et al ('518) discloses A method according to claim 16, wherein said step of 
sending at least one request to a user computer includes: 

sending a first request to the user computer for the first fingerprint file; and sending a 
second request to the user computer for the first identification for the user.(Column 5, lines 16- 
26, Figure 2) 

As per claim 20, 

Padgett et al ('518) discloses a method according to claim 16, wherein said step of 
receiving at least one response from the user computer includes: 

receiving a first response from the user computer including the fingerprint file; and 
receiving a second response from the user computer including the first identification for the 
user.(Column 5, lines 43-44) 

As per claim 21, 

Padgett et al ('518) discloses a method according to claim 16, 
Official Notice is taken that "the second response from the user computer is received 
prior to first response from the user computer" is common and well known in prior art in 
reference to network communications. It would have been obvious to one having ordinary skill 
in the art at the time the invention was made that replies from a client might be received out of 
order because of the nonhomogenous nature of computer networks, ie. The first response could 
be delayed due the a large amount of network traffic while the second response might be routed 
differently and be received prior to the first transmsission. The Examiner noted that this feature 
is common to Email systems such as SMTP. 

As per claim 22, 

Padgett et al ('518) discloses a method according to claim 16, 

Official Notice is taken that "steps of comparing the first fingerprint file against a second 
fingerprint file, and comparing the first identification for the user against a second identification 
for the user are not performed simultaneously" is common and well known in prior art in 
reference to authentication via database. It would have been obvious to one having ordinary skill 
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in the art at the time the invention was made that comparison of identification feature would not 
occur simultaneously in order to provide more efficient processing of the data, by comparing the 
fingerprint files sequentially processing time is save if the first comparison fails, rendering the 
second comparison unnecessary 

As per claim 23, 

Padgett et al ('51 8) discloses a method according to claim 18, wherein said step of 
sending at least one response to the vendor computer, based upon the comparing of the first 
fingerprint file against the second fingerprint file and upon the comparing of the first 
identification for the user against the second identification for the user includes 

sending a confirmation only when both the first fingerprint file and the first identification 
of the user match the second fingerprint file and the second identification for the user 
respectively.(Column 6, lines 40-49) 

As per claim 24, 

Padgett et al ('518) discloses a method according to claim 19, wherein said step of 
receiving at least one response from the user computer includes: 

receiving a first response from the user computer including the first fingerprint file; and 
receiving a second response from the user computer including the first identification for the 
user. (Figure 2) 

As per claim 25, 

Padgett et al ('518) discloses a method according to claim 24, 
Official Notice is taken that "the second response from the user computer is received 
prior to first response from the user computer" is common and well known in prior art in 
reference to network communications. It would have been obvious to one having ordinary skill 
in the art at the time the invention was made that replies from a client might be received out of 
order because of the non- homogenous nature of computer networks, ie. The first response could 
be delayed due the a large amount of network traffic while the second response might be routed 
differently and be received prior to the first transmission. The Examiner noted that this feature is 
common to Email systems such as SMTP. 

As per claim 26, 

Padgett et al ('518) discloses a method according to claim 16, 

wherein the first identification for the user includes a password.(Column 5, lines 13-22) 
As per claims 27 and 28, 

Padgett et al ('518) discloses a method according to claim 16, 

Official Notice is taken that "the first fingerprint file includes information based upon an 
identification number of a CPU [or MAC addressjof the user computer" is common and well 
known in prior art in reference to authentication. It would have been obvious to one having 
ordinary skill in the art at the time the invention was made that a hardware identifier such as a 
CPU ID or MAC address would be included along with a users identity in order to increase the 
security of the system by preventing access from unauthorized locations. 
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As per claim 29, 

Padgett et al ('518) discloses a method according to claim 16, wherein prior to the step of 
receiving the first request from the verification computer, 

storing the second fingerprint file in a first data base accessible by verification 
computer,and storing the second identifications for the user in a second database accessible by 
the verification computer. (Figure 3) 

As per claim 30, 

Padgett et al ('5 18) discloses a method according to claim 18, wherein prior to the step of 
receiving the first request from the vendor computer, 

storing the second fingerprint file in a first data base accessible by a clearinghouse 
computer, and storing the second identifications for the user in a second database accessible by a 

' clearinghouse computer.(Figure 3) 

As per claim 31, 

Padgett et al ('51 8) discloses the method according to claim 28 

Official Notice is taken that "first database and second database are the same" is common 
and well known in prior art in reference to authentication. It would have been obvious to one 
having ordinary skill in the art at the time the invention was to not use multiple databases in 
order to increase the performance of the system by reducing the number of database transactions 
made 

As per claim 32, 

Padgett et al ('51 8) discloses the method according to claim 18 wherein the step of 
receiving a request from a vendor computer includes 

receiving an Internet address of the user computer. (Figure 3) 

As per claim 33, 

Padgett et al ('518) discloses the method according to claim 32 
Official Notice is taken that "identifying the user computer based upon the Internet 
address received from the vendor computer" is common and well known in prior art in reference 
to authentication. It would have been obvious to one having ordinary skill in the art at the time 
the invention was made that a identifier such as an Internet address would identify the user in 
order to increase the security of the system by preventing access by unauthorized people. 

As per claim 34, 

Padgett et al ('518) discloses a clearinghouse computer comprising: 
a processor for communicating with the storage unit and the memory unit for comparing 
information indicative of the second fingerprint file and the second identification for the user 
with information indicative of the first fingerprint file and first identification for the user, and 
causing a message to be generated based upon the comparing.(Column 2, lines 61-67; column 3 
lines 1-6). Padgett et al ('518) does not explicitly disclose a storage unit for storing information 
received from a user computer; the information including a second fingerprint file and a second 
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identification for a user; a memory unit for receiving information indicative of first fingerprint 
file and a first identification for the user; Ross ( 6 447) discloses a storage unit for storing 
information received from a user computer;(Figure 3) the information including a second 
fingerprint file and a second identification for a user;(Column 3, lines 56-59) a memory unit for 
receiving information indicative of first fingerprint file and a first identification for the 
user(Column 3, lines 56-59). It would have been obvious to one having ordinary skill in the art 
at the time the invention was made to combine the Padgett et al ('518) method with the Ross 
( fi 447) method in order to increase security in systems that utilize fingerprint comparisons 
without requiring additional hardware costs. 

As per claim 35, 

Padgett et al ('518) discloses a clearinghouse computer according to claim 34, wherein 
the storage unit includes: 

a first storage location for storing the second fingerprint file, and a second storage 
location for storing the second identification for the user.(Figure 3) c 

As per claim 36, 

Padgett et al ('51 8) discloses a clearinghouse computer according to claim 34, wherein 
the memory unit includes: 

a first memory location for storing, at least temporarily, the first fingerprint file, and a second 
memory location for storing, at least temporarily, the first identification for the user.(Figure 3) 

As per claim 37, 

Padgett et al ('518) discloses a clearinghouse computer according to claim 34, further 
including: 

an output for receiving the message to be generated based upon the comparison, and the 
output further capable of communicating with a vendor computer.(Figure 8) 

As per claim 38, 

Padgett et al ('518) discloses a clearinghouse computer according to claim 34, 
wherein the second identification for the user includes a password.(Column 5, lines 13- 

22) 

As per claim 39, 

Padgett et al ('518) discloses a clearinghouse computer according to claim 34 
Official Notice is taken that "includes information based upon an identification number 
of a CPU of the user computer" is common and well known in prior art in reference to 
authentication. It would have been obvious to one having ordinary skill in the art at the time the 
invention was made that a hardware identifier such as a CPU ID would be included along with a 
users identity in order to increase the security of the system by preventing access from 
unauthorized locations. 
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Conclusion 



Examiners note: Examiner has cited particular columns and line numbers in the 
references as applied to the claims above for the convenience of the applicant. Although the 
specified citations are representative of the teachings of the art and are applied to the specific 
limitations within the individual claim, other passages and figures may apply as well. It is 
respectfully requested from the applicant in preparing responses, to fully consider the references 
in entirety as potentially teaching all or part of the claimed invention, as well as the context of 
the passage as taught by the prior art or disclosed by the examiner. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to John M Winter whose telephone number is (703) 305-3971. The 
examiner can normally be reached on M-F 8:30-6, 1st Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James P Trammell can be reached on (703)305-9768. The fax phone numbers for the 
organization where this application or proceeding is assigned are (763) 872-9306 for regular 
communications and (763) 872-9306 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703) 308-1 1 13. 



JMW 

May 2, 2004 
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